More Hacks Inevitable in Pharma Industry, Cybersecurity Expert Says


Earlier this month, sophisticated cyber thieves hacked into the databases of Charles River Laboratories and compromised some client data. Hacks like this have happened before and they are bound to happen again – perhaps sooner, rather than later.

Andrew Douthwaite, chief technology officer for Colorado-based VirtualArmour, a cybersecurity company, told BioSpace that biotech and pharma companies are desirable targets for hackers and cyber thieves due to the value of the intellectual property. Out of five major business sectors, Douthwaite said the pharma industry is the second highest target for hackers. Because of the richness of the targets, as well as gaps in cybersecurity, Douthwaite said it’s only a matter of time before another significant hack occurs within the pharma industry.

“I don’t want to be a scaremonger, but there are going to be more attacks,” Douthwaite said in a telephone interview.

Click to create a jobseeker profile

And there certainly have been. Charles River Labs is only the most recent company to deal with such a data breach. In April, Partners for Quality, which provides services and support to individuals with intellectual and developmental disabilities, reported unauthorized access to client information. A year ago, Sangamo Therapeutics reported a data breach after an executive’s email was hacked. Johnson & Johnson was also the subject of a data breach last year that compromised the emails of hundreds of people in Ireland. Also in 2017, a U.S. clinic was attacked and data information from a Phase II trial was stolen. A U.K. CRO was also hit the same year and mid-stage data was stolen.

In order to prevent more financial losses, as well as the loss of patient data, Douthwaite said it’s essential for companies to implement security plans and procedures that could mitigate future losses. He outlined some of the offerings his company provides to clients to mitigate these threats, including log-in management, as well as the provision of 24-hour security services. Not only could intellectual property be stolen from an attack, but also information that could provide criminal elements the necessary information on the development of potential bioweapons.

VirtualArmour provides round-the-clock cybersecurity for its clients, but in today’s world, he said it provides a buy-in from the C-suite level down, due in part to the number of connected devices in use, and the massive amounts of data being shared in drug development. Douthwaite pointed to a similar situation with Charles River Labs that VirtualArmour was called in to help resolve. He said the company, whose name he did not disclose, had a customer portal that allowed hackers to infiltrate. A proprietary database was downloaded by the thieves, which prompted the company to call in VirtualArmour. Douthwaite said the company established several protocols, including a system that allowed the company to see which clients were trying to log into their system, a security protection that had not previously been in place.

Douthwaite said it’s important for the industry to look at the current security tools in place and identify gaps that could provide hackers an easier entrance.

“This includes pin testing, vulnerability management and threat intelligence. You have to keep your eyes open,” Douthwaite said.

Added to that is a response phase, which provides companies and security providers with the necessary guidelines and confidence to respond to a threat. Douthwaite noted that the tools and means that hackers use to gain entrance into a system are constantly evolving, which requires constant vigilance.

Following the hacking earlier this month, Charles River said it will aggressively move to further secure its information systems. The company will add enhanced security features and monitoring procedures to further protect its client data.

But in today’s world, hacking is only one concern that some companies must face. Ransomware attacks have also been an issue. In 2017, pharma giant Merck was the target of an attack. Merck & Co., among other companies, was targeted by a malware attack that was believed to have originated in Ukraine. The malware strain, known as NotPetya, is a type of ransomware, and it shut down computer systems and sought to extort funds from companies in order to release those compromised systems. Like hacking, Douthwaite said ransomware tactics are evolving, but he noted that if companies put strong cybersecurity tools and protocols into place, that threat should be diminished. He noted that backup servers are essential tools that can thwart these cyber hostage-taking attempts.

“If ransomware hits, you can reboot and start over with little delay,” he said.

Back to news